IT Security Analyst

About The Position

Requirements

• Education and experience: The educational equivalent to a bachelor’s degree from an accredited college or university in computer science, business administration, or related field of Information Technology application management or the educational equivalent to a high school diploma plus four years of computer related experience.
• Knowledge, skills and abilities: Ability to facilitate relations between business groups and technology department.
• Ability to work both independently and in a team-oriented, collaborative environment.
• Can conform to shifting priorities, demands, and timelines through analytical and problem-solving capabilities.
• Ability to read communication styles of project team leads, team members, and contractors who come from a broad spectrum of disciplines.
• Ability to effectively manage conflict within team dynamics.
• Advanced interpersonal, written, and oral communication skills.
• Adept at conducting research into project-related issues and products.
• Must be able to learn, understand, and apply new technologies.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.

Responsibilities

• Contribute to the planning and design of enterprise security architecture based on industry-standard best practices.
• Contribute to the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures).
• Contribute to the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, where appropriate.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Assist in formulating security solutions or enhancements to ensure new or existing platforms are implemented in line with security best practices and ARDOT policies.
• Assist in performing the deployment, integration and initial configuration of new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
• Recommend, schedule, and perform security improvements, upgrades, and/or purchases.
• Assist in the deployment, management and maintenance of security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
• Design and perform penetration testing of ARDOT systems in order to identify system vulnerabilities.
• Design, implement, and report on security system and end user activity audits.
• Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
• Download and test new security software and/or technologies.
• Provide technical assistance to junior members of the Information Technology Division.
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
• Maintain operational configurations of all in-place security solutions as per the established baselines.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise recommendations for appropriate resolution.
• Participate in investigations into problematic activity.
• Contribute in the design and execution of vulnerability assessments, penetration tests and security audits.
• Participate in team meetings and one-on-one manager / technician meetings.
• Participate or represent IT Security on assigned ARDOT projects.
• Perform other duties that may be assigned in the best interest of ARDOT and Information Technology Division.